There is a programming error that allows to access the file on device without permission.
In order to exploit this issue, an attacker has to send a carefully crafted email message or a MMS message with a special URL that has a programming error.
In such a case, the attacker will be able to access the file on the device and thus, to obtain sensitive information.
Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission. There is a programming error that allows to access the file on device without permission. In order to exploit this issue, an attacker has to send a carefully crafted email message or a MMS message with a special URL that has a programming error. In such a case, the attacker will be able to access the file on the device and thus, to obtain sensitive information. In order to exploit this issue, an attacker has to send a carefully crafted email message or a MMS message with a special URL that has a programming error. In such a case, the attacker will be able to access the file on the device and thus, to obtain sensitive information. In order to exploit this issue, an attacker has to send a carefully crafted email message or a MMS message with a special URL that has a programming error. In such a case, the attacker will be able to access the file on the device and thus,
RCE After Exploitation
The attacker can gain control of the device and use it to access sensitive information without permission.
Timeline
Published on: 09/09/2022 15:15:00 UTC
Last modified on: 09/21/2022 20:26:00 UTC